High-Tech Bridge is introducing its hybrid web application security assessment SaaS, ImmuniWeb for the first time ever to visitors at Infosecurity Europe 2014.

The service, which was developed in-house by High-Tech Bridge, is now in open Beta. The ImmuniWeb security assessment is the first hybrid service that combines automated vulnerability scanning and manual penetration testing to allow companies to conduct a quick and efficient website security review and ensure that a website or web apps are secure.

1. ImmuniWeb Security Scanner - a proprietary web vulnerabilities and weaknesses scanner developed and supported by High-Tech Bridge. Vanguard concept of 360Security on which ImmuniWeb Security Scanner is based, represents a set of five different modules that cover all aspects of web application security:

2. ImmuniWeb auditors - the permanent involvement of a security auditor during the entire process of ImmuniWeb security assessment ensures the highest quality and accuracy of both the security assessment and subsequent report; a level of quality which cannot be achieved by any automated tools or single-source solutions alone. Today, in the era of AJAX and JSON web technologies, application logic errors and DOM-Based XSS vulnerabilities, many web security scanners are unable to detect complex web 2.0 vulnerabilities. The presence of an auditor ensures that such vulnerabilities wonít be missed and will be included in the assessment report.

3. ImmuniWeb Security Assessment Report - the report is delivered within eight working hours after the completion of the security assessment. The report lists vulnerabilities and weaknesses detected during the assessment by ImmuniWeb security scanner and those manually revealed by the security auditor. Every report is reviewed by the company's Quality Assurance team before delivery.

ImmuniWeb was launched in closed Beta in May 2013 to a limited audience then passed as CWE and CVE compatibility certification by MITRE in summer 2013. In November 2013, The International Telecommunication Union (ITU) announced the use of ImmuniWeb as part of its toolset for ensuring that the governmental websites of ITUís Member States are secure.

"After four years of development, we are almost ready to launch ImmuniWeb in fully operational mode. Open Beta is the last step before the service will become fully public so we are looking forward to introducing guests to this yearís Infosecurity Europe event to our service and hearing their opinions on it," says Ilia Kolochenko, CEO of High-Tech Bridge.

Spotlight

By working with the DevOps team, you can ensure that the production environment is more predictable, auditable and more secure than before. The key is to integrate your security requirements into the DevOps pipeline.

A critical vulnerability in ANTlabs InnGate devices, a popular Internet gateway for visitor-based networks and commonly installed in hotels and convention centers, has been discovered. The flaw could allow an attacker to monitor or tamper with traffic to and from any hotel WiFi user's connection.

In this interview, Raj Samani, VP and CTO EMEA at Intel Security, talks about successful information security strategies aimed at the critical infrastructure, government challenges, the role of regulation, and more.